Show More
@@ -108,6 +108,7 def authenticate_unless_readonly(f, self, *args, **kwargs): | |||||
108 | @web.authenticated |
|
108 | @web.authenticated | |
109 | def auth_f(self, *args, **kwargs): |
|
109 | def auth_f(self, *args, **kwargs): | |
110 | return f(self, *args, **kwargs) |
|
110 | return f(self, *args, **kwargs) | |
|
111 | ||||
111 | if self.application.read_only: |
|
112 | if self.application.read_only: | |
112 | return f(self, *args, **kwargs) |
|
113 | return f(self, *args, **kwargs) | |
113 | else: |
|
114 | else: | |
@@ -175,6 +176,14 class AuthenticatedHandler(RequestHandler): | |||||
175 | return "%s://%s" % (proto, self.request.host) |
|
176 | return "%s://%s" % (proto, self.request.host) | |
176 |
|
177 | |||
177 |
|
178 | |||
|
179 | class AuthenticatedFileHandler(AuthenticatedHandler, web.StaticFileHandler): | |||
|
180 | """static files should only be accessible when logged in""" | |||
|
181 | ||||
|
182 | @authenticate_unless_readonly | |||
|
183 | def get(self, path): | |||
|
184 | return web.StaticFileHandler.get(self, path) | |||
|
185 | ||||
|
186 | ||||
178 | class ProjectDashboardHandler(AuthenticatedHandler): |
|
187 | class ProjectDashboardHandler(AuthenticatedHandler): | |
179 |
|
188 | |||
180 | @authenticate_unless_readonly |
|
189 | @authenticate_unless_readonly |
@@ -48,7 +48,8 from .kernelmanager import MappingKernelManager | |||||
48 | from .handlers import (LoginHandler, LogoutHandler, |
|
48 | from .handlers import (LoginHandler, LogoutHandler, | |
49 | ProjectDashboardHandler, NewHandler, NamedNotebookHandler, |
|
49 | ProjectDashboardHandler, NewHandler, NamedNotebookHandler, | |
50 | MainKernelHandler, KernelHandler, KernelActionHandler, IOPubHandler, |
|
50 | MainKernelHandler, KernelHandler, KernelActionHandler, IOPubHandler, | |
51 | ShellHandler, NotebookRootHandler, NotebookHandler, RSTHandler |
|
51 | ShellHandler, NotebookRootHandler, NotebookHandler, RSTHandler, | |
|
52 | AuthenticatedFileHandler, | |||
52 | ) |
|
53 | ) | |
53 | from .notebookmanager import NotebookManager |
|
54 | from .notebookmanager import NotebookManager | |
54 |
|
55 | |||
@@ -103,7 +104,8 class NotebookWebApplication(web.Application): | |||||
103 | (r"/kernels/%s/shell" % _kernel_id_regex, ShellHandler), |
|
104 | (r"/kernels/%s/shell" % _kernel_id_regex, ShellHandler), | |
104 | (r"/notebooks", NotebookRootHandler), |
|
105 | (r"/notebooks", NotebookRootHandler), | |
105 | (r"/notebooks/%s" % _notebook_id_regex, NotebookHandler), |
|
106 | (r"/notebooks/%s" % _notebook_id_regex, NotebookHandler), | |
106 | (r"/rstservice/render", RSTHandler) |
|
107 | (r"/rstservice/render", RSTHandler), | |
|
108 | (r"/files/(.*)", AuthenticatedFileHandler, {'path' : notebook_manager.notebook_dir}), | |||
107 | ] |
|
109 | ] | |
108 | settings = dict( |
|
110 | settings = dict( | |
109 | template_path=os.path.join(os.path.dirname(__file__), "templates"), |
|
111 | template_path=os.path.join(os.path.dirname(__file__), "templates"), | |
@@ -280,7 +282,7 class NotebookApp(BaseIPythonApplication): | |||||
280 | static_path = self.webapp_settings.get("static_path", os.path.join(os.path.dirname(__file__), "static")) |
|
282 | static_path = self.webapp_settings.get("static_path", os.path.join(os.path.dirname(__file__), "static")) | |
281 | if os.path.exists(os.path.join(static_path, 'mathjax', "MathJax.js")): |
|
283 | if os.path.exists(os.path.join(static_path, 'mathjax', "MathJax.js")): | |
282 | self.log.info("Using local MathJax") |
|
284 | self.log.info("Using local MathJax") | |
283 | return u"static/mathjax/MathJax.js" |
|
285 | return u"/static/mathjax/MathJax.js" | |
284 | else: |
|
286 | else: | |
285 | self.log.info("Using MathJax from CDN") |
|
287 | self.log.info("Using MathJax from CDN") | |
286 | return u"http://cdn.mathjax.org/mathjax/latest/MathJax.js" |
|
288 | return u"http://cdn.mathjax.org/mathjax/latest/MathJax.js" |
@@ -6,10 +6,10 | |||||
6 |
|
6 | |||
7 | <title>{% block title %}IPython Notebook{% end %}</title> |
|
7 | <title>{% block title %}IPython Notebook{% end %}</title> | |
8 |
|
8 | |||
9 | <link rel="stylesheet" href="static/jquery/css/themes/aristo/jquery-wijmo.css" type="text/css" /> |
|
9 | <link rel="stylesheet" href="/static/jquery/css/themes/aristo/jquery-wijmo.css" type="text/css" /> | |
10 | <link rel="stylesheet" href="static/css/boilerplate.css" type="text/css" /> |
|
10 | <link rel="stylesheet" href="/static/css/boilerplate.css" type="text/css" /> | |
11 | <link rel="stylesheet" href="static/css/layout.css" type="text/css" /> |
|
11 | <link rel="stylesheet" href="/static/css/layout.css" type="text/css" /> | |
12 | <link rel="stylesheet" href="static/css/base.css" type="text/css"/> |
|
12 | <link rel="stylesheet" href="/static/css/base.css" type="text/css"/> | |
13 | {% block stylesheet %} |
|
13 | {% block stylesheet %} | |
14 | {% end %} |
|
14 | {% end %} | |
15 |
|
15 | |||
@@ -21,7 +21,7 | |||||
21 | <body {% block params %}{% end %}> |
|
21 | <body {% block params %}{% end %}> | |
22 |
|
22 | |||
23 | <div id="header"> |
|
23 | <div id="header"> | |
24 | <span id="ipython_notebook"><h1><img src='static/ipynblogo.png' alt='IPython Notebook'/></h1></span> |
|
24 | <span id="ipython_notebook"><h1><img src='/static/ipynblogo.png' alt='IPython Notebook'/></h1></span> | |
25 |
|
25 | |||
26 | {% block login_widget %} |
|
26 | {% block login_widget %} | |
27 |
|
27 | |||
@@ -72,11 +72,11 | |||||
72 |
|
72 | |||
73 | </div> |
|
73 | </div> | |
74 |
|
74 | |||
75 | <script src="static/jquery/js/jquery-1.6.2.min.js" type="text/javascript" charset="utf-8"></script> |
|
75 | <script src="/static/jquery/js/jquery-1.6.2.min.js" type="text/javascript" charset="utf-8"></script> | |
76 | <script src="static/jquery/js/jquery-ui-1.8.14.custom.min.js" type="text/javascript" charset="utf-8"></script> |
|
76 | <script src="/static/jquery/js/jquery-ui-1.8.14.custom.min.js" type="text/javascript" charset="utf-8"></script> | |
77 | <script src="static/js/namespace.js" type="text/javascript" charset="utf-8"></script> |
|
77 | <script src="/static/js/namespace.js" type="text/javascript" charset="utf-8"></script> | |
78 | <script src="static/js/loginmain.js" type="text/javascript" charset="utf-8"></script> |
|
78 | <script src="/static/js/loginmain.js" type="text/javascript" charset="utf-8"></script> | |
79 | <script src="static/js/loginwidget.js" type="text/javascript" charset="utf-8"></script> |
|
79 | <script src="/static/js/loginwidget.js" type="text/javascript" charset="utf-8"></script> | |
80 | {% block script %} |
|
80 | {% block script %} | |
81 | {% end %} |
|
81 | {% end %} | |
82 |
|
82 |
@@ -15,20 +15,20 | |||||
15 | window.mathjax_url = "{{mathjax_url}}"; |
|
15 | window.mathjax_url = "{{mathjax_url}}"; | |
16 | </script> |
|
16 | </script> | |
17 |
|
17 | |||
18 | <link rel="stylesheet" href="static/jquery/css/themes/aristo/jquery-wijmo.css" type="text/css" /> |
|
18 | <link rel="stylesheet" href="/static/jquery/css/themes/aristo/jquery-wijmo.css" type="text/css" /> | |
19 | <link rel="stylesheet" href="static/codemirror/lib/codemirror.css"> |
|
19 | <link rel="stylesheet" href="/static/codemirror/lib/codemirror.css"> | |
20 | <link rel="stylesheet" href="static/codemirror/mode/markdown/markdown.css"> |
|
20 | <link rel="stylesheet" href="/static/codemirror/mode/markdown/markdown.css"> | |
21 | <link rel="stylesheet" href="static/codemirror/mode/rst/rst.css"> |
|
21 | <link rel="stylesheet" href="/static/codemirror/mode/rst/rst.css"> | |
22 | <link rel="stylesheet" href="static/codemirror/theme/ipython.css"> |
|
22 | <link rel="stylesheet" href="/static/codemirror/theme/ipython.css"> | |
23 | <link rel="stylesheet" href="static/codemirror/theme/default.css"> |
|
23 | <link rel="stylesheet" href="/static/codemirror/theme/default.css"> | |
24 |
|
24 | |||
25 | <link rel="stylesheet" href="static/prettify/prettify.css"/> |
|
25 | <link rel="stylesheet" href="/static/prettify/prettify.css"/> | |
26 |
|
26 | |||
27 | <link rel="stylesheet" href="static/css/boilerplate.css" type="text/css" /> |
|
27 | <link rel="stylesheet" href="/static/css/boilerplate.css" type="text/css" /> | |
28 | <link rel="stylesheet" href="static/css/layout.css" type="text/css" /> |
|
28 | <link rel="stylesheet" href="/static/css/layout.css" type="text/css" /> | |
29 | <link rel="stylesheet" href="static/css/base.css" type="text/css" /> |
|
29 | <link rel="stylesheet" href="/static/css/base.css" type="text/css" /> | |
30 | <link rel="stylesheet" href="static/css/notebook.css" type="text/css" /> |
|
30 | <link rel="stylesheet" href="/static/css/notebook.css" type="text/css" /> | |
31 | <link rel="stylesheet" href="static/css/renderedhtml.css" type="text/css" /> |
|
31 | <link rel="stylesheet" href="/static/css/renderedhtml.css" type="text/css" /> | |
32 |
|
32 | |||
33 | {% comment In the notebook, the read-only flag is used to determine %} |
|
33 | {% comment In the notebook, the read-only flag is used to determine %} | |
34 | {% comment whether to hide the side panels and switch off input %} |
|
34 | {% comment whether to hide the side panels and switch off input %} | |
@@ -42,7 +42,7 | |||||
42 | > |
|
42 | > | |
43 |
|
43 | |||
44 | <div id="header"> |
|
44 | <div id="header"> | |
45 | <span id="ipython_notebook"><h1><a href='..' alt='dashboard'><img src='static/ipynblogo.png' alt='IPython Notebook'/></a></h1></span> |
|
45 | <span id="ipython_notebook"><h1><a href='..' alt='dashboard'><img src='/static/ipynblogo.png' alt='IPython Notebook'/></a></h1></span> | |
46 | <span id="save_widget"> |
|
46 | <span id="save_widget"> | |
47 | <input type="text" id="notebook_name" size="20"></textarea> |
|
47 | <input type="text" id="notebook_name" size="20"></textarea> | |
48 | <button id="save_notebook"><u>S</u>ave</button> |
|
48 | <button id="save_notebook"><u>S</u>ave</button> | |
@@ -258,40 +258,40 | |||||
258 |
|
258 | |||
259 | </div> |
|
259 | </div> | |
260 |
|
260 | |||
261 | <script src="static/jquery/js/jquery-1.6.2.min.js" type="text/javascript" charset="utf-8"></script> |
|
261 | <script src="/static/jquery/js/jquery-1.6.2.min.js" type="text/javascript" charset="utf-8"></script> | |
262 | <script src="static/jquery/js/jquery-ui-1.8.14.custom.min.js" type="text/javascript" charset="utf-8"></script> |
|
262 | <script src="/static/jquery/js/jquery-ui-1.8.14.custom.min.js" type="text/javascript" charset="utf-8"></script> | |
263 | <script src="static/jquery/js/jquery.autogrow.js" type="text/javascript" charset="utf-8"></script> |
|
263 | <script src="/static/jquery/js/jquery.autogrow.js" type="text/javascript" charset="utf-8"></script> | |
264 |
|
264 | |||
265 | <script src="static/codemirror/lib/codemirror.js" charset="utf-8"></script> |
|
265 | <script src="/static/codemirror/lib/codemirror.js" charset="utf-8"></script> | |
266 | <script src="static/codemirror/mode/python/python.js" charset="utf-8"></script> |
|
266 | <script src="/static/codemirror/mode/python/python.js" charset="utf-8"></script> | |
267 | <script src="static/codemirror/mode/htmlmixed/htmlmixed.js" charset="utf-8"></script> |
|
267 | <script src="/static/codemirror/mode/htmlmixed/htmlmixed.js" charset="utf-8"></script> | |
268 | <script src="static/codemirror/mode/xml/xml.js" charset="utf-8"></script> |
|
268 | <script src="/static/codemirror/mode/xml/xml.js" charset="utf-8"></script> | |
269 | <script src="static/codemirror/mode/javascript/javascript.js" charset="utf-8"></script> |
|
269 | <script src="/static/codemirror/mode/javascript/javascript.js" charset="utf-8"></script> | |
270 | <script src="static/codemirror/mode/css/css.js" charset="utf-8"></script> |
|
270 | <script src="/static/codemirror/mode/css/css.js" charset="utf-8"></script> | |
271 | <script src="static/codemirror/mode/rst/rst.js" charset="utf-8"></script> |
|
271 | <script src="/static/codemirror/mode/rst/rst.js" charset="utf-8"></script> | |
272 | <script src="static/codemirror/mode/markdown/markdown.js" charset="utf-8"></script> |
|
272 | <script src="/static/codemirror/mode/markdown/markdown.js" charset="utf-8"></script> | |
273 |
|
273 | |||
274 | <script src="static/pagedown/Markdown.Converter.js" charset="utf-8"></script> |
|
274 | <script src="/static/pagedown/Markdown.Converter.js" charset="utf-8"></script> | |
275 |
|
275 | |||
276 | <script src="static/prettify/prettify.js" charset="utf-8"></script> |
|
276 | <script src="/static/prettify/prettify.js" charset="utf-8"></script> | |
277 |
|
277 | |||
278 | <script src="static/js/namespace.js" type="text/javascript" charset="utf-8"></script> |
|
278 | <script src="/static/js/namespace.js" type="text/javascript" charset="utf-8"></script> | |
279 | <script src="static/js/utils.js" type="text/javascript" charset="utf-8"></script> |
|
279 | <script src="/static/js/utils.js" type="text/javascript" charset="utf-8"></script> | |
280 | <script src="static/js/cell.js" type="text/javascript" charset="utf-8"></script> |
|
280 | <script src="/static/js/cell.js" type="text/javascript" charset="utf-8"></script> | |
281 | <script src="static/js/codecell.js" type="text/javascript" charset="utf-8"></script> |
|
281 | <script src="/static/js/codecell.js" type="text/javascript" charset="utf-8"></script> | |
282 | <script src="static/js/textcell.js" type="text/javascript" charset="utf-8"></script> |
|
282 | <script src="/static/js/textcell.js" type="text/javascript" charset="utf-8"></script> | |
283 | <script src="static/js/kernel.js" type="text/javascript" charset="utf-8"></script> |
|
283 | <script src="/static/js/kernel.js" type="text/javascript" charset="utf-8"></script> | |
284 | <script src="static/js/kernelstatus.js" type="text/javascript" charset="utf-8"></script> |
|
284 | <script src="/static/js/kernelstatus.js" type="text/javascript" charset="utf-8"></script> | |
285 | <script src="static/js/layout.js" type="text/javascript" charset="utf-8"></script> |
|
285 | <script src="/static/js/layout.js" type="text/javascript" charset="utf-8"></script> | |
286 | <script src="static/js/savewidget.js" type="text/javascript" charset="utf-8"></script> |
|
286 | <script src="/static/js/savewidget.js" type="text/javascript" charset="utf-8"></script> | |
287 | <script src="static/js/quickhelp.js" type="text/javascript" charset="utf-8"></script> |
|
287 | <script src="/static/js/quickhelp.js" type="text/javascript" charset="utf-8"></script> | |
288 | <script src="static/js/loginwidget.js" type="text/javascript" charset="utf-8"></script> |
|
288 | <script src="/static/js/loginwidget.js" type="text/javascript" charset="utf-8"></script> | |
289 | <script src="static/js/pager.js" type="text/javascript" charset="utf-8"></script> |
|
289 | <script src="/static/js/pager.js" type="text/javascript" charset="utf-8"></script> | |
290 | <script src="static/js/panelsection.js" type="text/javascript" charset="utf-8"></script> |
|
290 | <script src="/static/js/panelsection.js" type="text/javascript" charset="utf-8"></script> | |
291 | <script src="static/js/printwidget.js" type="text/javascript" charset="utf-8"></script> |
|
291 | <script src="/static/js/printwidget.js" type="text/javascript" charset="utf-8"></script> | |
292 | <script src="static/js/leftpanel.js" type="text/javascript" charset="utf-8"></script> |
|
292 | <script src="/static/js/leftpanel.js" type="text/javascript" charset="utf-8"></script> | |
293 | <script src="static/js/notebook.js" type="text/javascript" charset="utf-8"></script> |
|
293 | <script src="/static/js/notebook.js" type="text/javascript" charset="utf-8"></script> | |
294 | <script src="static/js/notebookmain.js" type="text/javascript" charset="utf-8"></script> |
|
294 | <script src="/static/js/notebookmain.js" type="text/javascript" charset="utf-8"></script> | |
295 |
|
295 | |||
296 | </body> |
|
296 | </body> | |
297 |
|
297 |
@@ -5,7 +5,7 IPython Dashboard | |||||
5 | {% end %} |
|
5 | {% end %} | |
6 |
|
6 | |||
7 | {% block stylesheet %} |
|
7 | {% block stylesheet %} | |
8 | <link rel="stylesheet" href="static/css/projectdashboard.css" type="text/css" /> |
|
8 | <link rel="stylesheet" href="/static/css/projectdashboard.css" type="text/css" /> | |
9 | {% end %} |
|
9 | {% end %} | |
10 |
|
10 | |||
11 | {% block meta %} |
|
11 | {% block meta %} | |
@@ -38,6 +38,6 data-base-kernel-url={{base_kernel_url}} | |||||
38 | {% end %} |
|
38 | {% end %} | |
39 |
|
39 | |||
40 | {% block script %} |
|
40 | {% block script %} | |
41 | <script src="static/js/notebooklist.js" type="text/javascript" charset="utf-8"></script> |
|
41 | <script src="/static/js/notebooklist.js" type="text/javascript" charset="utf-8"></script> | |
42 | <script src="static/js/projectdashboardmain.js" type="text/javascript" charset="utf-8"></script> |
|
42 | <script src="/static/js/projectdashboardmain.js" type="text/javascript" charset="utf-8"></script> | |
43 | {% end %} |
|
43 | {% end %} |
@@ -778,6 +778,45 | |||||
778 | { |
|
778 | { | |
779 | "cell_type": "markdown", |
|
779 | "cell_type": "markdown", | |
780 | "source": [ |
|
780 | "source": [ | |
|
781 | "## Local Files", | |||
|
782 | "", | |||
|
783 | "The above examples embed images and video from the notebook filesystem in the output", | |||
|
784 | "areas of code cells. It is also possible to request these files directly in markdown cells", | |||
|
785 | "if they reside in the notebook directory via relative urls prefixed with `files/`:", | |||
|
786 | "", | |||
|
787 | " files/[subdirectory/]<filename>", | |||
|
788 | "", | |||
|
789 | "", | |||
|
790 | "For example, in the example notebook folder, we have the Python logo, addressed as:", | |||
|
791 | "", | |||
|
792 | " <img src=\"files/python-logo.svg\" />", | |||
|
793 | "", | |||
|
794 | "<img src=\"files/python-logo.svg\" />", | |||
|
795 | "", | |||
|
796 | "and a video with the HTML5 video tag:", | |||
|
797 | "", | |||
|
798 | " <video controls src=\"files/animation.m4v\" />", | |||
|
799 | "", | |||
|
800 | "<video controls src=\"files/animation.m4v\" />", | |||
|
801 | "", | |||
|
802 | "These do not embed the data into the notebook file,", | |||
|
803 | "and require that the files exist when you are viewing the notebook.", | |||
|
804 | "", | |||
|
805 | "### Security of local files", | |||
|
806 | "", | |||
|
807 | "Note that this means that the IPython notebook server also acts as a generic file server", | |||
|
808 | "for files inside the same tree as your notebooks. Access is not granted outside the", | |||
|
809 | "notebook folder so you have strict control over what files are visible, but for this", | |||
|
810 | "reason it is highly recommended that you do not run the notebook server with a notebook", | |||
|
811 | "directory at a high level in your filesystem (e.g. your home directory).", | |||
|
812 | "", | |||
|
813 | "When you run the notebook in a password-protected manner, local file access is restricted", | |||
|
814 | "to authenticated users unless read-only views are active." | |||
|
815 | ] | |||
|
816 | }, | |||
|
817 | { | |||
|
818 | "cell_type": "markdown", | |||
|
819 | "source": [ | |||
781 | "### External sites", |
|
820 | "### External sites", | |
782 | "", |
|
821 | "", | |
783 | "You can even embed an entire page from another site in an iframe; for example this is today's Wikipedia", |
|
822 | "You can even embed an entire page from another site in an iframe; for example this is today's Wikipedia", |
General Comments 0
You need to be logged in to leave comments.
Login now